Posted by robd
on November 22, 2019
Active Directory,
DNS,
powershell /
1 Comment
Handy bit of PowerShell my bestest ever friend wrote to check DNS accross domain controllers:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
#do dns servers agree for dns $results = $null $results = @() $DNSServers = Get-ADDomainController -Filter * $hostname = Read-Host('enter dns record to check') foreach ($DNSServer in $DNSServers) { $dnsrecord = Resolve-DnsName -Name $hostname -Server $DNSServer.HostName -Type A $result = New-Object psobject -Property @{ dnsserver = $DNSServer.Name hostname = $dnsrecord.name IPAddress = $dnsrecord.ipaddress } $results += $result } $results | select hostname,ipaddress,dnsserver | sort ipaddress |
Tags: DNS, PowerShell
Posted by robd
on August 27, 2019
powershell,
Proxy /
No Comments
At work I’m behind a proxy which caused me havock when trying to install modules into PowerShell.
That was until I found this amazing script to tell PowerShell to use a proxy.
First open your PowerShell profile by either doing this in PowerShell:
Or open “Microsoft.PowerShell_profile.ps1” and “Microsoft.PowerShellISE_profile.ps1” in Explorer with notepad:
|
|
C:\Users\%Username%\My Documents\WindowsPowerShell |
Once open, paste in the following, editing the proxy address and port.
|
|
[system.net.webrequest]::defaultwebproxy = new-object system.net.webproxy('http://ProxyName:ProxyPort') [system.net.webrequest]::defaultwebproxy.credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials [system.net.webrequest]::defaultwebproxy.BypassProxyOnLocal = $true |
This will use your current credentials you’re logged in with to pass the commands to the proxy server.
Test with a
Tags: Power Shell, PowerShell, Proxy
Posted by robd
on May 12, 2019
powershell,
Server /
No Comments
I wanted to add an AD group to all the files and folders in a share, the problem is inheritance had been turned off on lots of the folders so I couldn’t just add the AD group to the top and let it filter down. So the solution was to use PowerShell.
First I mapped a drive to the Share (x: in this case). Why didn’t I run this on the server? UAC is a pain in the bum.
You’ll need to change the path and the domain and AD group.
|
|
$folders = Get-ChildItem -Directory -Path X:\ -Recurse foreach ($folder in $folders){ $acl = Get-Acl -path $folder.FullName $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule ` ("DOMAIN\AD_GROUP", "FullControl", "ContainerInherit,ObjectInherit", "None", "Allow") $acl.SetAccessRule($accessRule) $acl | Set-Acl -path $folder.FullName } |
Tags: permissions, PowerShell
Posted by robd
on May 11, 2019
powershell,
Server /
No Comments
If you need to report out file and folder permissions of a file share, see the below PowerShell.
First map the the share to a drive if it isnt already. In my case X: drive.
Why didn’t I do this on the server hosting the files? UAC gets in the way and is a pain the bum.
|
|
$FolderPath = dir -Directory -Path "x:\" -Recurse -Force $Report = @() Foreach ($Folder in $FolderPath) { $Acl = Get-Acl -Path $Folder.FullName foreach ($Access in $acl.Access) { $Properties = [ordered]@{'FolderName'=$Folder.FullName;'AD Group or User'=$Access.IdentityReference;'Permissions'=$Access.FileSystemRights;'Inherited'=$Access.IsInherited}$Report += New-Object -TypeName PSObject -Property $Properties} } $Report | Export-Csv -path "C:\temp\Folder_Permissions.csv" |
Tags: permissions, PowerShell
Posted by robd
on May 10, 2019
powershell,
Server /
No Comments
I wanted to make some changes to some permissions on mass today but decided it would be prudent to backup the permissions first.
So I used icals, to do this I first ran CMD as admin, then mapped the share drive with “Net Use“.
Why didn’t I do this on the server hosting the files? UAC gets in the way and is a pain the bum.
To backup the permissions:
Swicthes:
/t – Performs the operation on all specified files in the current directory and its subdirectories.
/c – Continues the operation despite any file errors. Error messages will still be displayed.
|
|
icacls x:\ /save c:\temp\permissions.txt /t /c |
Then to restore:
|
|
icacls y:\test /restore c:\temp\permissions.txt |
Tags: CMD, icalc, permissions
Posted by robd
on January 28, 2019
powershell,
vmware /
No Comments
To resize VMs using PowerShell with PowerCLI from a csv list, first install the software:
https://my.vmware.com/web/vmware/details?downloadGroup=PCLI650R1&productId=614
Then create a list of servers to resize and save it as a CSV file in C:\temp\VMs.csv:
|
|
Server01 Server02 Server03 |
Save the below as Something.PS1 and run from PowerCLI
Note: Change VCENTRE to your vCentre, this script will TURN THE SERVER OFF then give each VM two CPUs, one socket and 5GBs of RAM.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
$me = Get-Credential connect-viserver "VCENTRE" -User $me $vms = get-content C:\Temp\VMs.csv ForEach ($vm in $vms){ $vms | Shutdown-VMGuest –Confirm:$False Sleep 60 $vms | Set-VM –MemoryGB 8 –NumCpu 2 –Confirm:$False $vms | Start-VM } |
Tags: PowerCLI, PowerShell, VMWARE
Posted by robd
on October 19, 2018
powershell /
No Comments
Just a quick one, to install RSAT on Windows 10 1809 via PowerShell:
|
|
Get-WindowsCapability -Name RSAT* -Online | Add-WindowsCapability -Online |
then check:
|
|
Get-WindowsCapability -Name RSAT* -Online | Select-Object -Property DisplayName, State |
Tags: PowerShell, RSAT, Windows 10 1809
Posted by robd
on October 18, 2018
powershell /
No Comments
Got this today while connecting to Event viewer on a remote windows 10 machine:
|
|
“Computer ‘DC01.MIKEFROBBINS.COM’ cannot be connected. Verify that the network path is correct, the computer is available on the network, and that the appropriate Windows Firewall rules are enabled on the target computer. To enable the appropriate Windows Firewall rules on the remote computer, open the Windows Firewall with Advanced Security snap-in and enable the following inbound rules: COM+ Network Access (DCOM-In) All rules in the Remote Event Log Management group You can also enable these rules by using Group Policy settings for Windows Firewall with Advanced Security. For servers that are running the Server Core installation option, run the Netsh AdvFirewall command, or the Windows PowerShell NetSecurity module.” |
To Fix remotely:
|
|
Invoke-Command -ComputerName COMPUTERNAME { Set-NetFirewallRule -DisplayGroup 'Remote Event Log Management' -Enabled True -PassThru | select DisplayName, Enabled } -Credential (Get-Credential) |
Tags: PowerShell
Posted by robd
on September 23, 2018
powershell,
Server 2012 /
No Comments
How to disable Dedup:
First an important point about disabling dedup (via GUI or PowerShell), when you disable it only stops further deduplication from occurring i.e data that has already been deduplicated will remain deduplicated
If you want to “move” the data back to the original files and out of the deduplication store (Chunk Store) you need to use powershell command
|
|
start-dedupjob -Volume <VolumeLetter> -Type Unoptimization |
You can check the status on where this is at by using
Here’s another gotcha, chunk size (love that name) will not get smaller until you run two more commands, GarbageCollection and Scrubbing. GargabeCollection will find and remove unreferenced chunks and scrubbing will perform an integrity check but this wont work unless dedup is on….so enable dedup:
|
|
Enable-DedupVolume -Volume <VolumeLetter> |
Then run garage collection:
|
|
start-dedupjob -Volume <VolumeLetter> -Type GarbageCollection start-dedupjob -Volume <VolumeLetter> –Type Scrubbin |
Once your drive is small again then disable dedup:
|
|
Disable-DedupVolume -Volume <VolumeLetter> |
Tags: dedup, PowerShell, windows server 2012
Posted by robd
on September 21, 2018
powershell,
Server 2012 /
1 Comment
Found a drive was running low on space today and on closer inspection with tree size I found that ChunkStore (brilliant name) was taking up the drive space:
Odd as it looks as dedup wasn’t working:
To fix it I ran the following PowerShell:
|
|
start-dedupjob -Volume <VolumeLetter> -Type GarbageCollection start-dedupjob -Volume <VolumeLetter> -Type DataScrubbing |
What does this do I hear you say, Garbage collection is the process to remove “data chunks” that are no longer referenced i.e. to remove references to deleted files and folders. This process deleted content to free up additional space. Data scrubbing checks integrity and validate the checksum data.
To monitor it I ran:
This seems to have fixed it for me:
Tags: dedup, PowerShell
